summaryrefslogtreecommitdiff
path: root/source4/lib/tls
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-07-25 00:57:27 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:10:20 -0500
commit9d6f2767179fad2f9a067c67c09afddb6304e4eb (patch)
tree152febe9acc01ebbe00c56494541cf9c23296399 /source4/lib/tls
parentc047a88f41ffed47e2eb422f8efb594aae80d61e (diff)
downloadsamba-9d6f2767179fad2f9a067c67c09afddb6304e4eb.tar.gz
samba-9d6f2767179fad2f9a067c67c09afddb6304e4eb.tar.bz2
samba-9d6f2767179fad2f9a067c67c09afddb6304e4eb.zip
r17222: Change the function prototypes for the GENSEc and TLS socket creation
routines to return an NTSTATUS. This should help track down errors. Use a bit of talloc_steal and talloc_unlink to get the real socket to be a child of the GENSEC or TLS socket. Always return a new socket, even for the 'pass-though' case. Andrew Bartlett (This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)
Diffstat (limited to 'source4/lib/tls')
-rw-r--r--source4/lib/tls/tls.c24
1 files changed, 14 insertions, 10 deletions
diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
index f9213af2a7..9a37dd0bc3 100644
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -433,9 +433,9 @@ init_failed:
setup for a new connection
*/
struct socket_context *tls_init_server(struct tls_params *params,
- struct socket_context *socket,
- struct fd_event *fde,
- const char *plain_chars)
+ struct socket_context *socket,
+ struct fd_event *fde,
+ const char *plain_chars)
{
struct tls_context *tls;
int ret;
@@ -457,17 +457,19 @@ struct socket_context *tls_init_server(struct tls_params *params,
tls->socket = socket;
tls->fde = fde;
if (talloc_reference(tls, fde) == NULL) {
+ talloc_free(new_sock);
return NULL;
}
if (talloc_reference(tls, socket) == NULL) {
+ talloc_free(new_sock);
return NULL;
}
new_sock->private_data = tls;
if (!params->tls_enabled) {
- tls->tls_enabled = False;
- return new_sock;
+ talloc_free(new_sock);
+ return NULL;
}
TLSCHECK(gnutls_init(&tls->session, GNUTLS_SERVER));
@@ -503,9 +505,8 @@ struct socket_context *tls_init_server(struct tls_params *params,
failed:
DEBUG(0,("TLS init connection failed - %s\n", gnutls_strerror(ret)));
- tls->tls_enabled = False;
- params->tls_enabled = False;
- return new_sock;
+ talloc_free(new_sock);
+ return NULL;
}
@@ -649,7 +650,10 @@ struct socket_context *tls_init_server(struct tls_params *params,
struct fd_event *fde,
const char *plain_chars)
{
- return socket;
+ if (plain_chars) {
+ return socket;
+ }
+ return NULL;
}
@@ -659,7 +663,7 @@ struct socket_context *tls_init_server(struct tls_params *params,
struct socket_context *tls_init_client(struct socket_context *socket,
struct fd_event *fde)
{
- return socket;
+ return NULL;
}
BOOL tls_support(struct tls_params *params)